Debian Security Advisory DSA 1777-1 (git-core)

The remote host is missing an update to git-core announced via advisory DSA 1777-1. OpenVAS Vulnerability Test $Id: deb17771.nasl 6615 2017-07-07 12:09:52Z cfischer $ Description: Auto-generated from advisory DSA 1777-1 git-core Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc...

MDVA-2008:025 : drakxtools

This drakxtools update package fixes issues with the hardrake tool to make sure that USB keys are not auto-configured by the service at boot 34568, and adds back the Run Config tool button in the harddrake interface 34794. An issue where bootloader-config would use vmlinuz-desktop or...

AIX 610002 : U824016

The remote host is missing AIX PTF U824016 which is related to the security of the package bos.pmapi.pmsvcs You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

Racer 0.5.3b5 Remote Stack Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ================================================== Racer 0.5.3b5 Remote Stack Buffer Overflow Exploit ================================================== / Racer vs 0.5.3 beta 5 Remote Stack Buffer OverflowC exploit by fl0 fl0w...

GMail, GTalk phishing scam underway

Attention GMail and GTalk users: There’s a major spam run underway with social engineering lures to steal your login cretentials. This image shows a GMail message that purports to be an account termination warning from Google but, if a user is tricked into clicking on the link, he/she is redirect...

Moderate: Red Hat Security Advisory: sudo security update

An updated sudo package to fix a security issue is now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The sudo superuser do utility allows system administrators to give certain users the ability to run...

KVIrc 3.4.2 Shiny (uri handler) remote command execution exploit

!-- KVIrc 3.4.2 Shiny uri handler remote command execution exploit by Nine:Situations:Group::strawdog Tested against IE8beta/WINxpsp3 software site: http://www.kvirc.net/?lang=en description: "KVIrc is a Multilanguage, graphical IRC-Client for Windows, Linux, Unix and Mac OS..." A command line...

CVE-2008-4832

rc.sysinit in initscripts 8.12-8.21 and 8.56.15-0.1 on rPath allows local users to delete arbitrary files via a symlink attack on a directory under 1 /var/lock or 2 /var/run. NOTE: this issue exists because of a race condition in an incorrect fix for CVE-2008-3524. NOTE: exploitation may require ...

FreeBSD : emacs -- run-python vulnerability (66657bd5-ac92-11dd-b541-001f3b19d541)

Emacs developers report : The Emacs command run-python' launches an interactive Python interpreter. After the Python process starts up, Emacs automatically sends it the line : import emacs which normally imports a script named emacs.py which is distributed with Emacs. This script, which is...

AIX 530007 : U819316

The remote host is missing AIX PTF U819316 which is related to the security of the package bos.rte.shell You should install this PTF for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0; include'deprecatednasllevel.inc';...

Hummingbird Deployment Wizard ActiveX Control Multiple Security Vulnerabilities

This host is installed with Deployment Wizard ActiveX Control and is prone to multiple security vulnerabilities. The multiple flaws are due to error in 'SetRegistryValueAsString', 'Run' and 'PerformUpdateAsync' methods in DeployRun.DeploymentSetup.1 DeployRun.dll ActiveX control. OpenVAS...

CUPS: SGI image parser heap-based buffer overflow

Heap-based buffer overflow in the readrle16 function in imagetops in CUPS before 1.3.9 allows remote attackers to execute arbitrary code via an SGI image with malformed Run Length Encoded RLE data containing a small image and a large row count...

[security bulletin] HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01539423 Version: 1 HPSBOV02364 SSRT080078 rev.1 - HP OpenVMS SMGRTL Run Time Library, Local Authorized User, Gain Privileged Access NOTICE: The information in this Security Bulletin should be...

GNU Emacs 'python.el'代码执行漏洞

BUGTRAQ ID: 31052 CNCAN ID：CNCAN-2008091008 Emacs是一款可扩展的实时显示编辑器。 GNU Emacs不正确处理Python脚本，本地攻击者可以利用漏洞以应用程序权限执行任意代码。 GNU Emacs命令run-python'启动交互的Python解析器，在Python启动后，Emacs自动发送： import emacs 用于导入Emacs分发的emacs.py脚本，这个脚本一般位于包含其他Emacs程序文件的写保护的安装目录中，定义各种函数帮助Python与Emacs通信处理。...

emacs -- run-python vulnerability

Emacs developers report: The Emacs command run-python' launches an interactive Python interpreter. After the Python process starts up, Emacs automatically sends it the line: import emacs which normally imports a script named emacs.py which is distributed with Emacs. This script, which is typicall...

Adobe Album Starter 3.2 - Unchecked Local Buffer Overflow

Adobe Album Starter 3.2 - Unchecked Local Buffer Overflow Exploitable issue in various Adobe products c0ntex [email protected] Scott Laurie February 2008 Vulnerable applications, tested: Adobe Photoshop Album Starter Adobe After Effects CS3 Adobe Photoshop CS3 Not Vulnerable applications, tested:...

CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding...

Heap overflow

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding...

CVE-2008-1021

Heap-based buffer overflow in Animation codec content handling in Apple QuickTime before 7.4.5 on Windows allows remote attackers to execute arbitrary code via a crafted movie with run length encoding...

Opera 9.50 beta and prior remote DoS (freeze)

Name : Opera 9.50 beta / 9.24 Remote DoS Type : Remote DoS Credits: Gynvael Coldwind of Vexillium & Simey Impact : Low Short description Opera is vulnerable to a remote DoS attack, using spacially crafted BMP files, that causes the browser to freeze for a short amount of time around 4 minutes on...